Group address range + fix tail data #673

Merged
merged 7 commits into from
Aug 27, 2024
Merged
Changes from 5 commits
2 changes: 1 addition & 1 deletion docker/bin/setup
Expand Up @@ -69,7 +69,7 @@ sudo sysctl -w kernel.core_pattern=/var/cores/core.%p.%e
pgbench -i -h localhost -p 5432 -U postgres postgres

# Create users
psql -h localhost -p 5432 -U postgres -c "set password_encryption TO 'md5'; create role group1; create role group2; create user group_checker; create user group_user1 password 'password1'; create user group_user2; create user group_user3; create user group_user4; create user group_user5; create user group_checker1; create user group_checker2;" -d group_db >> $SETUP_LOG 2>&1 || {
psql -h localhost -p 5432 -U postgres -c "set password_encryption TO 'md5'; create role group1; create role group2;create role group3;create role group4; create user group_checker; create user group_user1 password 'password1'; create user group_user2; create user group_user3; create user group_user4; create user group_user5; create user group_user6;create user group_user7; create user group_checker1; create user group_checker2;" -d group_db >> $SETUP_LOG 2>&1 || {
echo "ERROR: users creation failed, examine the log"
cat "$SETUP_LOG"
cat "$PG_LOG"
31 changes: 28 additions & 3 deletions docker/group/config.conf
Expand Up @@ -44,7 +44,6 @@ database "group_db" {

group "group2" {
authentication "none"
password "password2"

storage "postgres_server"
storage_db "postgres"
Expand All @@ -56,6 +55,32 @@ database "group_db" {
group_query_user "postgres"
group_query_db "postgres"
}
group "group3" "127.0.0.0/24" {
authentication "none"

storage "postgres_server"
storage_db "postgres"
storage_user "postgres"

pool_routing "client_visible"
pool "session"
group_query "SELECT rolname FROM pg_roles WHERE pg_has_role(rolname, 'group3', 'member');"
group_query_user "postgres"
group_query_db "postgres"
}
group "group4" "255.0.0.0/24" {
authentication "none"

storage "postgres_server"
storage_db "postgres"
storage_user "postgres"

pool_routing "client_visible"
pool "session"
group_query "SELECT rolname FROM pg_roles WHERE pg_has_role(rolname, 'group4', 'member');"
group_query_user "postgres"
group_query_db "postgres"
}
user default {
authentication "block"
storage "postgres_server"
Expand Down Expand Up @@ -100,10 +125,10 @@ unix_socket_mode "0644"

log_file "/var/log/odyssey.log"
log_format "%p %t %l [%i %s] (%c) %m\n"
log_debug no
log_debug yes
log_config yes
log_session no
log_query no
log_query yes
log_stats yes
daemonize yes

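Review bot: In the last hunk (`-100,10 +125,10`) `log_debug` and `log_query` appear to be switched to `yes`, which is unrelated to group address ranges and looks like a debugging leftover. With query logging on, client statements land in /var/log/odyssey.log, and test_group.sh prints that file to the CI output on failure. The new `group3` and `group4` blocks also use `authentication "none"`, so the address range is the only access control they exercise. If the verbosity is intentional, a comment above the two settings such as `# test-only: verbose logging for CI diagnostics, do not copy into a production config` would make that explicit; otherwise restore `no`.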
28 changes: 27 additions & 1 deletion docker/group/test_group.sh
Expand Up @@ -4,7 +4,7 @@ set -ex

/usr/bin/odyssey /group/config.conf

users=("group_user1" "group_user2" "group_user3" "group_user4" "group_user5")
users=("group_user1" "group_user2" "group_user3" "group_user4" "group_user5" "group_user6" "group_user7")
for user in "${users[@]}"; do
psql -h localhost -p 6432 -U "$user" -c "SELECT 1" group_db >/dev/null 2>&1 && {
echo "ERROR: Authenticated with non-grouped user"
Expand All @@ -25,6 +25,8 @@ psql -h localhost -p 5432 -U postgres -c "GRANT group1 TO group_user1;" group_db
psql -h localhost -p 5432 -U postgres -c "GRANT group1 TO group_user2;" group_db
psql -h localhost -p 5432 -U postgres -c "GRANT group2 TO group_user3;" group_db
psql -h localhost -p 5432 -U postgres -c "GRANT group2 TO group_user4;" group_db
psql -h localhost -p 5432 -U postgres -c "GRANT group3 TO group_user6;" group_db
psql -h localhost -p 5432 -U postgres -c "GRANT group4 TO group_user7;" group_db

/usr/bin/odyssey /group/config.conf

Expand Down Expand Up @@ -66,4 +68,28 @@ psql -h localhost -p 6432 -U group_user3 -c "SELECT 1" group_db >/dev/null 2>&1
exit 1
}

psql -h ip4-localhost -p 6432 -U group_user6 -c "SELECT 1" group_db >/dev/null 2>&1 || {
echo "ERROR: Not authenticated with correct addr"

cat /var/log/odyssey.log
echo "

"
cat /var/log/postgresql/postgresql-14-main.log

exit 1
}

psql -h ip4-localhost -p 6432 -U group_user7 -c "SELECT 1" group_db >/dev/null 2>&1 && {
echo "ERROR: Authenticated with incorrect addr"

cat /var/log/odyssey.log
echo "

"
cat /var/log/postgresql/postgresql-14-main.log

exit 1
}

ody-stop
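Review bot: The negative check for group_user7 (`psql -h ip4-localhost ... >/dev/null 2>&1 && { ... }`) passes on any psql failure, not only on an address-range rejection, because both output streams are discarded. The preceding group_user6 check through the same host guards against a name-resolution or listener problem, but a group4 rule that is broken for some other reason would still look like a pass. Keeping the client error, for example `out=$(psql -h ip4-localhost -p 6432 -U group_user7 -c "SELECT 1" group_db 2>&1) && { ...; }`, and then asserting on `$out` would tie the result to the rejection being tested. The log-dump block is also repeated verbatim in both new checks; a small `dump_logs` function would keep the copies in sync.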
70 changes: 40 additions & 30 deletions sources/config_reader.c
Expand Up @@ -1775,30 +1775,9 @@ static int od_config_reader_rule_settings(od_config_reader_t *reader,
}
return NOT_OK_RESPONSE;
}

static int od_config_reader_route(od_config_reader_t *reader, char *db_name,
int db_name_len, int db_is_default,
od_extention_t *extentions)
static int od_config_reader_address(od_config_reader_t *reader,
od_address_range_t *return_range)
{
char *user_name = NULL;
int user_name_len = 0;
int user_is_default = 0;

/* user name or default */
if (od_config_reader_is(reader, OD_PARSER_STRING)) {
if (!od_config_reader_string(reader, &user_name))
return NOT_OK_RESPONSE;
} else {
if (!od_config_reader_keyword(reader,
&od_config_keywords[OD_LDEFAULT]))
return NOT_OK_RESPONSE;
user_is_default = 1;
user_name = strdup("default_user");
if (user_name == NULL)
return NOT_OK_RESPONSE;
}
user_name_len = strlen(user_name);

/* address and mask or default */
char *addr_str = NULL;
char *mask_str = NULL;
Expand Down Expand Up @@ -1868,6 +1847,38 @@ static int od_config_reader_route(od_config_reader_t *reader, char *db_name,
return NOT_OK_RESPONSE;
}
}
address_range.string_value_len = strlen(address_range.string_value);
*return_range = address_range;
free(addr_str);
return OK_RESPONSE;
}
static int od_config_reader_route(od_config_reader_t *reader, char *db_name,
int db_name_len, int db_is_default,
od_extention_t *extentions)
{
char *user_name = NULL;
int user_name_len = 0;
int user_is_default = 0;

/* user name or default */
if (od_config_reader_is(reader, OD_PARSER_STRING)) {
if (!od_config_reader_string(reader, &user_name))
return NOT_OK_RESPONSE;
} else {
if (!od_config_reader_keyword(reader,
&od_config_keywords[OD_LDEFAULT]))
return NOT_OK_RESPONSE;
user_is_default = 1;
user_name = strdup("default_user");
if (user_name == NULL)
return NOT_OK_RESPONSE;
}
user_name_len = strlen(user_name);

od_address_range_t address_range;
if (od_config_reader_address(reader, &address_range)) {
return NOT_OK_RESPONSE;
}

/* ensure rule does not exists and add new rule */
od_rule_t *rule;
Expand Down Expand Up @@ -1899,11 +1910,8 @@ static int od_config_reader_route(od_config_reader_t *reader, char *db_name,
if (rule->db_name == NULL)
return NOT_OK_RESPONSE;

address_range.string_value_len = strlen(address_range.string_value);
rule->address_range = address_range;

free(addr_str);

/* { */
if (!od_config_reader_symbol(reader, '{'))
return NOT_OK_RESPONSE;
Expand All @@ -1929,11 +1937,13 @@ static int od_config_reader_group(od_config_reader_t *reader, char *db_name,
snprintf(route_usr, sizeof route_usr, "%s%s", "group_", group_name);
snprintf(route_db, sizeof route_db, "%s", db_name);
od_rule_t *rule;
od_address_range_t default_address_range =
od_address_range_create_default();
od_address_range_t address_range;
if (od_config_reader_address(reader, &address_range)) {
return NOT_OK_RESPONSE;
}

rule = od_rules_match(reader->rules, route_db, route_usr,
&default_address_range, 0, 0, 1);
&address_range, 0, 0, 1);
if (rule) {
od_errorf(reader->error, "route '%s.%s': is redefined",
route_usr, route_usr);
Expand All @@ -1954,7 +1964,7 @@ static int od_config_reader_group(od_config_reader_t *reader, char *db_name,
if (rule->db_name == NULL)
return NOT_OK_RESPONSE;
rule->db_name_len = strlen(rule->db_name);
rule->address_range = default_address_range;
rule->address_range = address_range;

group->group_name = strdup(group_name);
group->route_usr = strdup(rule->user_name);
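Review bot: Both od_config_reader_route and od_config_reader_group call the new helper as `if (od_config_reader_address(reader, &address_range))`, which reads as the opposite of the neighbouring `if (!od_config_reader_string(...))` checks; an explicit `if (od_config_reader_address(reader, &address_range) != OK_RESPONSE)` would make the status convention visible. The helper also has no header comment: it should say what it returns, when `*return_range` is written, and who owns `string_value` afterwards, since both callers declare `address_range` uninitialised and the early return in od_config_reader_route leaves `user_name` unfreed. In od_config_reader_group the redefinition check now passes the parsed range to od_rules_match, so two groups with the same name but different ranges may both be accepted. It is worth confirming, outside the visible lines, that whatever later resolves a group through `group->route_usr` also takes the range into account, because this decides which clients reach an `authentication "none"` route. Parts of all three functions are collapsed on this page.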
1 change: 1 addition & 0 deletions sources/rules.c
Expand Up @@ -708,6 +708,7 @@ od_rules_forward_sequential(od_rules_t *rules, char *db_name, char *user_name,
continue;
}
}

db_matched = rule->db_is_default ||
(strcmp(rule->db_name, db_name) == 0);
user_matched = rule->user_is_default ||